12345678910111213141516171819202122232425262728293031323334353637383940414243444546 |
- [[!tag /news]]
- # Story
- Since I launched this website several months ago, Partager and all its servers
- were not using SSL. I initially intended to be only inside I2P, and I2P does its
- own encryption and some sort of authentication, which makes SSL unnecessary.
- However, later I decided to open the servers to clearnet access and that meant
- plain connections with potentially sensitive information passing unencrypted.
- At some point I configured ikiwiki to requires SSL for cookies, in order to
- avoid this privacy problem. That meant no web logins at all, of course.
- It took me a while to get SSL to work. Not because it's complicated, but because
- 1. I was busy with other things and make small slow steps
- 2. I was documenting my progress and writing a guide in parallel
- Since writing guides is not immediately useful, they get low priority and not
- writing them while the information is fresh in memory is a big risk. Once I
- forget and focus on other things, it's very difficult for me to write a full
- guide because I don't really have any experience or knowledge other than this
- one-time installation process I do with each new server.
- Solution: Write the guide in parallel to doing the process itself.
- # How to Use
- I wrote a guide for users of this website and other Partager servers (this
- includes anyone browsing here who wants to browse with HTTPS), which explains
- how to tell your computer to trust Partager's CA certificate (I created a new
- independent CA, not relying on any centralized CA organization).
- The guide is [[here|projects/systems/servers/security/certificates]]. There's also
- a more general-purpose guide with a bit more background info but less
- Partager-specific details [[here|projects/systems/user-guides/ssl]].
- Also, there's a general SSL info page [[here|/ssl]].
- # How to Make My Server Support SSL Too?
- I prepared an [[admin guide|projects/systems/admin-guides/ssl]] for the server
- admin, and a [[user guide|projects/systems/user-guides/ssl]] the admin can user in
- order to understand the client side and prepare the files, instructions etc. You
- can also use the Partager-specific guide linked above as a template.
|